CVE-2017-11497

CRITICAL

Gemalto Sentinel LDK RTE HASP SRM 2.10-Sentinel LDK 7.50 - Remote Code Execution via Long Filename in Language Pack

Title source: llm

Description

Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters.

References (7)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102906
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102739

Scores

CVSS v3 9.8
EPSS 0.0476
EPSS Percentile 90.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-119
Status published
Products (4)
gemalto/sentinel_ldk_rte 2.10
gemalto/sentinel_ldk_rte 3.0
gemalto/sentinel_ldk_rte 7.1
gemalto/sentinel_ldk_rte 7.50
Published Oct 03, 2017
Tracked Since Feb 18, 2026